More fighting ssh password guessing attempts (Updated)
About one year ago (coincidence?) there was some discussion about
how to protect your server against ssh password guessing, see
elsewhere in my blog.
Apparently the topic came up
again,
for ssh and other services this time,
and quite a number of people chimed in and mentioned their preferred
solutions to the same old problem. Solutions fall into three categories:
administrative settings, logfile-parsing, and PAM-based solutions.

The latter post also mentions going the PAM way, which hooks right
into the authentication framework and can detect repeated authentication
failures best - at the place where they get detected first. This is implemented by
the anti-bruteforce PAM module in pkgsrc/security/pam-af.

I guess that's some food for thoughts, and a lot of programs to do the job.
Let's see what comes up in Jan 2008 for this topic... :-)

Update:
Elad Efrat wrote me to tell that server site log parsing may not
be such a good idea as it has a potential to open up for some nasty attacks,
see this thread on the fulldisclosuer list. You've been warned!